NSFOpen Education ResourcesThe Research University (TRU)

CICI: SSC: Real-Time Operating System and Network Security for Scientific Middleware: University of Colorado at Colorado Springs

Gedare Bloom

[email protected]

Remote monitoring and control of industrial control systems are protected using firewalls and user passwords. Cyberattacks that get past firewalls have unfettered access to command industrial control systems with potential to harm digital assets, environmental resources, and humans in proximity to the compromised system. To prevent and mitigate such harms in scientific industrial control systems, this project enhances the security of open-source cyberinfrastructure used for high energy physics, astronomy, and space sciences. The results of this project enhance the security of scientific instruments used in particle accelerators, large-scale telescopes, satellites, and space probes. The benefits to science and the public include greater confidence in the fidelity of experimental data collected from these scientific instruments, and increased reliability of scientific cyberinfrastructure that reduces the costs associated with accidental misconfigurations or malicious cyberattacks.<br/><br/>The objective of this project is to enhance the security of the open-source Real-Time Executive for Multiprocessor Systems (RTEMS) real-time operating system and the Experimental Physics and Industrial Control System (EPICS) software and networks; RTEMS and EPICS are widely used cyberinfrastructure for controlling scientific instruments. The security enhancements span eight related project activities: (1) static analysis and security fuzzing as part of continuous integration; (2) cryptographic security for the open-source software development life cycle; (3) secure boot and update for remotely-managed scientific instruments; (4) open-source cryptographic libraries for secure communication; (5) real-time memory protection; (6) formal modeling and analysis of network protocols; (7) enhanced security event logging; and (8) network-based intrusion detection for scientific industrial control systems. The project outcomes provide a roadmap for enculturating cybersecurity best practices in open-source, open-science communities while advancing the state-of-the-art research in cyberinfrastructure software engineering and industrial control system security.<br/><br/>This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

About Exponent

Exponent is a modern business theme, that lets you build stunning high performance websites using a fully visual interface. Start with any of the demos below or build one on your own.

Get Started

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from Youtube
Vimeo
Consent to display content from Vimeo
Google Maps
Consent to display content from Google
Spotify
Consent to display content from Spotify
Sound Cloud
Consent to display content from Sound